Privacy Policy

Created on 23 November, 2024 • 4 minutes read

Effective Date: 4 July 2025

toolano.com (“we,” “us,” or “our company”) values your privacy and is committed to protecting your personal data in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and Act No. 110/2019 Coll., on the Processing of Personal Data.

This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our website and services.

1. Data Controller

For questions or requests about personal-data protection, please contact us via the contact page on our website.

2. Definitions

  • Personal Data – any information relating to an identified or identifiable natural person.
  • Data Subject – the natural person to whom the personal data relates.
  • Processing – any operation or set of operations performed on personal data.

3. What Data We Collect

3.1 Data Provided Directly by You

  • Registration Data – username, e-mail address, and password (stored in encrypted form).
  • Identification Data – IP address collected when you access our website.
  • Communication Data – content of communications between you and us (e-mails, messages).

3.2 Data Collected Automatically

  • Technical Data – browser type and version, device type, operating system, screen resolution.
  • Activity Data – pages visited, time spent on the site, clicks, mouse movements, scrolling.

3.3 Data from Third Parties

  • Analytical Data – visitor analytics provided by Microsoft Clarity.

4. Purposes of Data Processing

  • Providing and Improving Services – enabling use of our website and services, customising content, enhancing user experience.
  • User Communication – sending important information about our services, responding to inquiries, resolving complaints.
  • Analysis and Statistics – monitoring and analysing trends, user preferences, and behaviour to improve our services.
  • Advertising and Marketing – displaying personalised advertisements through selected advertising partners.
  • Security and Protection – ensuring website security, preventing fraud, and mitigating cyber-threats using Bunny CDN’s security and content-delivery services.

5. Legal Basis for Data Processing

  • Performance of a Contract – necessary for delivering services you have requested (e.g., registration and account management).
  • Legitimate Interest – improving services, securing the website, and conducting marketing activities.
  • Consent – for specific purposes (e.g., sending marketing communications) where your consent is required.

6. Cookies and Similar Technologies

Our website uses cookies and similar technologies to recognise your browser or device, ensure basic functionality, analyse traffic, and personalise content and ads.

6.1 Types of Cookies We Use

  • Essential Cookies – ensure the basic functionality of the website and cannot be disabled.
  • Analytical Cookies – allow us to track traffic and user behaviour (Microsoft Clarity).
  • Advertising Cookies – used to display relevant ads through our advertising partners.
  • Security Cookies – help protect our website against cyber-threats (Bunny CDN).

6.2 Managing Cookies

You can configure your browser to reject cookies or alert you when cookies are being sent. Disabling certain cookies may impact site functionality. See your browser’s help section for details.

7. Sharing and Transferring Personal Data

7.1 Service Providers (Processors)

We may share personal data with trusted third parties that provide essential services for operating our website:

  • Microsoft Corporation – visitor analytics (Microsoft Clarity).
  • Bunny Way d.o.o. (Bunny CDN) – content-delivery network and security services.

These entities are contractually obligated to protect your personal data and may not use it for other purposes.

7.2 Legal Reasons

We may disclose your personal data to third parties where necessary to comply with legal obligations, protect our rights or property, or safeguard users and the public.

8. Transfer of Personal Data to Third Countries

Some service providers may be located outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards such as

  • Standard Contractual Clauses approved by the European Commission, or other lawful transfer mechanisms recognised by GDPR.

9. Security of Personal Data

We implement technical and organisational measures to secure personal data against unauthorised access, loss, destruction, or damage, including:

  • Encryption during transmission (SSL/TLS).
  • Restricted access for employees and processors who need the data.
  • Regular updates and testing of security technologies.

10. Data Retention

We retain personal data only as long as necessary to fulfil the purposes for which it was collected or as required by law. Criteria include:

  • Duration of Contractual Relationship – while you are a registered user.
  • Legal Obligations – periods required by applicable laws.
  • Legitimate Interests – time needed to protect our rights and property.

11. Data Subject Rights

Under applicable law, you have the following rights:

Access Request confirmation of processing and obtain a copy of your data.

Rectification Request correction of inaccurate or incomplete data.

Erasure (Right to be Forgotten) Request deletion of data under certain circumstances.

Restriction Request limiting of processing when accuracy is contested, processing is unlawful, or data is no longer needed.

Receive Data in a structured, machine-readable format and transfer it to another controller.

Object to Processing based on legitimate interests, including profiling or direct marketing.

Withdraw Consent at any time (does not affect prior lawful processing).

Lodge a Complaint File with a supervisory authority (in the Czech Republic: Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, Tel. +420 234 665 111).

12. Children’s Privacy

Our website is not intended for children under 16. We do not knowingly collect personal data from children without parental or guardian consent. If we discover such data, we will delete it promptly.

13. Links to Third Parties

Our website may contain links to third-party sites and services not operated by us. We are not responsible for their content or privacy practices. Please review the privacy policies of any external sites you visit.

14. Data Transmission Security

Transmission of information over the internet is not entirely secure. While we strive to protect your personal data, we cannot guarantee its security during transit; any transmission is at your own risk.

15. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our services or legal requirements. Updates will be posted on this page, and where appropriate, we will notify you by e-mail or through our website. The effective date at the top indicates the most recent revision.

Your privacy matters to us. We remain committed to protecting your personal data and complying with all applicable data-protection laws.